Wednesday, January 13, 2010

Google: China Involved in Cyber-Attacks on Gmail Accounts of Human Rights Activists

"Google may quit China over cyber-attacks"

"Firm vows to stop censoring search results after Gmail accounts are hacked"
Associated Press and Rueters contributed to this article



Picture by Ng Han Guan/AP

"Google Inc. will stop censoring its search results in China and may pull out of the country completely after discovering that computer hackers had tricked human-rights activists into exposing their e-mail accounts to outsiders.

Google said on Tuesday that it had detected 'highly sophisticated' cyber-attacks in mid-December on the Gmail accounts of Chinese human-rights activists, and that at least 20 other large companies from a wide range of businesses have also been similarly targeted.

The change of heart announced Tuesday heralds a major shift for the Internet's search leader, which has repeatedly said it will obey Chinese laws requiring some politically and socially sensitive issues to be blocked from search results available in other countries. The acquiescence had outraged free-speech advocates and even some shareholders, who argued Google's cooperation with China violated the company's 'don't be evil' motto...

Secretary of State Hillary Rodham Clinton said the Google allegations 'raise very serious concerns and questions' and the U.S. is seeking an explanation from the Chinese government.

Google officials also plan to talk to the Chinese government to determine if there is a way the company can still provide unfiltered search results in the country. If an agreement can't be worked out, Google is prepared to leave China four years after creating a search engine bearing China's Web suffix, '.cn' to put itself in a better position to profit from the world's most populous country.

Free-speech and human rights groups are hoping Google's about-face will spur more companies to take a similar stand.

'Google has taken a bold and difficult step for Internet freedom in support of fundamental human rights,' said Leslie Harris, president of the Center for Democracy & Technology, a civil-liberties group in Washington. 'No company should be forced to operate under government threat to its core values or to the rights and safety of its users.' ...

Google's new stance on China was triggered by what it described as a sophisticated computer attack orchestrated from within the country...

Without providing details, Google said it and at least 20 other major companies from the Internet, financial services, technology, media and chemical industries were targeted. The heist lifted some of Google's intellectual property but didn't get any information about the users of its services, the company said. Google has passed along what it knows so far to U.S. authorities and other affected companies.

It does not appear that any U.S. government agencies or Web sites were affected by the attack, according to two U.S. administration officials. The officials spoke on condition of anonymity because they were not authorized to speak publicly about the issue.

The assault on Google appeared primarily aimed at breaking into the company's e-mail service, Gmail, in an attempt to pry into the accounts of human right activists protesting the Chinese government's policies.

Only two e-mail accounts were infiltrated in these attacks, Google said, and the intruders were only able to see subject lines and the dates that the individual accounts were created. None of the content written within the body of the e-mails leaked out, Google said.

As part of its investigation into that incident, Google stumbled onto another scam that was more successful. Google said dozens of activists fighting the Chinese government's policies fell prey to ruses commonly known as 'phishing' or malware. The victims live in the United States, Europe and China, Google said.

Phishing involves malicious e-mails urging the recipients to open an attachment or visit a link that they're conned into believing comes from a friend or legitimate company. Clicking on a phishing lin... installs malware — malicious software — on to computers.

Once it's installed on a computer, malware can be used as a surveillance tool that can obtain passwords and unlock e-mail accounts."

Read the complete article: http://www.msnbc.msn.com/id/34831106/ns/technology_and_science-security/

No comments: